The FBI is officially attributed to last week $ 1.4 billion crypto theft From Bybit to North Korean Hackers, the labeling of the “Trainertraitor” operation in a public service announcement Released on Wednesday.
These threat actors work quickly to cash in their plundered crypto, the FBI said, acknowledge that they have since converted some of the stolen assets into Bitcoin and other crypto.
Those assets are now spread over “thousands of addresses on multiple block chains,” the desk said.
From the start of the theft, the crypto community had generally Lazarus Group, but the confirmation of the FBI connects the attack to the regime of Kim Jong Un, which is increasingly financing his weapon programs Due to cyber crime.
Hackers have succeeded take control Van Bybit’s Ethereum Cold wallet during a routine transfer surgery on 21 February, where he was committed what is now considered the largest public -known crypto -hack.
Despite the Fallout insured Bybit CEO Ben Zhou users that the exchange remains financially stable.
“Bybit is solvent, even if this hack loss is not recovered, all assets of customers are supported 1 to 1, we can cover the loss,” Zhou said In an X post on the same day.
More confirmations
Security company Slowmist confirmed the technical details of the attack on Wednesday late at night and revealed an advanced compromise.
“Safe DEV’s equipment was affected, injecting malicious code in the front,” Slowmist Researchers said On X. “The attack intercepted and changed transaction parameters.”
By the weekend after the attack, according to around $ 140 million, accounts were already connected to North Korean agents, according to facts from elliptic.
Safe {wallet}, whose infrastructure was operated in the attack, brought a rack The recognition of the infringement was carried out by the notorious Lazarus group.
“The forensic assessment in the intended attack by the Lazarus group on Bybit concluded that this attack was aimed at the Bybit -safe was reached via a compromised machine of a safe {wallet} developer,” the company explained.
Recovery efforts have so far been limited success. Elliptic later revealed that a group of security experts did fetched About $ 43 million of the stolen assets, with an extra $ 243,000 seized by corresponding accounts.
Bybit has offered a reward of 10% to security experts who help pick up the stolen funds afterwards explained ‘war’ on the Lazarus group.
The FBI urges private sector entities, including trade fairs and blockchain analyzed companies, to block transactions with 48 Ethereum addresses identified as managed by or connected to North Korean traders.
Daily debrief Newsletter
Start every day with the top news stories at the moment, plus original functions, a podcast, videos and more.
